Primary differences between SSL Certificate vendors and types

There are two primary variations between all SSL Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet.[1] TLS and SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for confidentiality, and message authentication codes for message integrity. Certificates: The Certification Authority Certification Authority (CA) A third party organization which is used to confirm the relationship between a party to the https transaction and that party's public key. Certification authorities may be widely known and trusted institutions for internet based transactions, though where https is used on companies internal networks, an internal department within the company may fulfill this role. (CA) who issues the certificate, and the depth in which the application for the Certificate by the customer is reviewed and validated.

Brand

The Brand of SSL Certificate SSL Certificates are created for a particular server and domain, and are issued by trusted, third-party Certificate Authority (CA) - comparable to your passport. As the Certification Authority, the SSL Certificate vendor authenticates the identity of the purchaser and verifies the business that owns the domain. directly affects who the CA of the certificate will be. This can have some technical implications, but primarily can affect your site visitor’s behaviors based on their perceptions of each CA’s reputation in the industry.

Type

The Type of SSL Certificate purchased will dictate the thoroughness in which the application details are verified. The more expensive Certificates undergo a stringent manually verification process prior to issuance. Each Type of Certificate includes a different Site Seal for inclusion on the applicable website. This Site Seal will reflect the validation process that was employed, thus providing site visitors additional assurance of the validity and security of the website itself.

For more information on the different validation processes which are employed, please click the certificate in question below

Domain Validated Certificates	Organization Validated Certificates	Extended Validation EV SSL Certificates provide all the benefits of the Advantage SSL Certificates while also includeing prominent new trust indicators like a green address bar. Certificates
GeoTrust QuickSSL	GeoTrust True Business ID	GeoTrust True Business ID EV
GeoTrust QuickSSL Premium	GeoTrust True Business ID Wildcard	Symantec Secure Site with EV
GeoTrust QuickSSL Premium Multi-Domain	GeoTrust True Business ID Multi-Domain	Symantec Secure Site Multi-Domain with EV
GeoTrust SAN SSL Certificate	Symantec Secure Site	Symantec Secure Site Pro with EV
Rapid SSL	Symantec Secure Site Multi-Domain	Symantec Secure Site Pro Multi-DOmain with EV
Rapid SSL Wildcard	Symantec Secure Site Pro	Sectigo EV SSL
Sectigo PositiveSSL	Symantec Secure Site Pro Multi-Domain
Sectigo SSL	Symantec Secure Site Wildcard
Sectigo Wildcard SSL	Sectigo InstantSSL
Sectigo PositiveSSL Wildcard	Sectigo Multi-Domain SSL
	Sectigo InstantSSL Premium Wildcard

SAN Certificates

Multi-domain or SAN The Subject Alternative Names (SAN) extension allows one SSL certificate to be used to secure one Web server with multiple names (such as a different DNS name, IP address or URI). (Secure Alternate Name) SSL certificates can cover multiple domain names on just one certificate. For example, Symantec multi-domain certificates can cover up to 25 domains, whereas GeoTrust and Sectigo multi-domain certificates can cover anywhere from 5 to 100 domains, depending on the type of certificate you order.

Wildcard Certificates

A Wildcard SSL It is possible for a web hosting company to share a single SSL certificate - this allows the same SSL certificate to be used by many websites without the need to issue individual SSL certificates to each hosting customer. This allows the unlimited use of different sub domains on the same domain name. The Wildcard certificate allows the webhosting company to give each customer a secure sub domain, such as customer1.mydomain.ca, customer2.mydomain.ca, etc. The same can be applied for organizations wanting to secure multiple sub domains within the enterprise network. certificate may be used for situations where several same-domain web sites need to be secured but the sub-domains vary. You can secure as many sub-domains on one physical sever as you would like with the wildcard product as long as they share the same second level domain name. In order for you to do this, the domain/common name in the CSR would need to be "*.mydomain.com". The asterisk is a place holder and enables you to secure different sub-domains that share the same base/second level domain name such as "mydomain.com" in our example. If you need to install the certificate on multiple servers, then the private key must be exported from the original server and imported onto the additional servers you wish to secure. Next, install the certificate onto each of the new servers.

NOTE: If your server or device does not allow for either the exporting or importing of the private key, you will need to purchase separate wildcard certificates for each server.

Here is an example of sub-domains with the same second level domain:

• www.mydomain.com
• w1.mydomain.com
• secure.mydomain.com
• test.mydomain.com
• trash.mydomain.com

All of these have the same second level domain "mydomain.com" but different hostnames. One wildcard certificate of the form " *.mydomain.com " could serve all these web sites.

The wildcard is useful in situations like the above or when the web hosting service puts customer branding as the host name but all of them will have the same domain. For example: A Web Hosting Service offers its Fortune 500 clients a convenient shopping mydomain cart with their own brand name –

• www.mydomain.com
• mail.mydomain.com
• webmail.mydomain.com
• intranet.mydomain.com
• extranet.mydomain.com

All of these individualized web sites can be secured with the one and same wildcard of the form:

*. mydomain.com

Wildcards can also have more than three fields, such as:

* . * . domain . com

* . * . * . * . *. domain . com

etc.

If you are running IIS, you cannot get a multi-asterisk wildcard but you can get a single asterisk wildcard.

Extended Validation (EV) Certificates

Extended Validation EV SSL Certificates provide all the benefits of the Advantage SSL Certificates while also includeing prominent new trust indicators like a green address bar. or "EV" is the new standard developed and agreed upon by each major Certification Authority Certification Authority (CA) A third party organization which is used to confirm the relationship between a party to the https transaction and that party's public key. Certification authorities may be widely known and trusted institutions for internet based transactions, though where https is used on companies internal networks, an internal department within the company may fulfill this role. and the major browser vendors to authenticate and issue next-generation SSL Certificates.

EV SSL Certificates help protect your site from phishing scams and assure your customers that they are dealing with a business or organization that has been thoroughly checked out using the New EV standard.

An EV SSL certificate triggers high-security web browsers to display your organization's name in a green address bar, and to show the name of the Certificate Authority that issued it.

The Certificate Authority authenticates websites with an audited, rigorous methodology.

Online shoppers recognize the green address bar as an easy and reliable way to verify site identity and security. It provides an instant visual queue that your site is a trusted site and has met rigorous EV authentication standards. Higher trust leads to increased conversions and more business for you.